Compliance Services

Depending on the nature of your business, there are often regulatory standards - on both a national and industry-specific level - that your IT infrastructure needs to meet.

These regulations and industry requirements are always evolving based on a host of factors including emerging risks, industry innovations and environmental trends. 

Non-compliance with these regulations can sometimes result in negative consequences like financial penalties, loss of revenue or, even worse, compromising the security of data, so it’s important to make sure that your business is able to follow best practice.

Staffed by a dedicated team of experienced professionals, our compliance service can help your IT department stay up to date and close any gaps in their processes or in device functionality and performance.

Information Security Management Systems 

Information Security Management Systems (ISMS) are now a necessity for many smaller and enterprise organisations.

More and more governments and larger institutions require suppliers and vendors to demonstrate that they’re capable of properly managing sensitive data regarding customers and individuals. 

Not having an adequate ISMS in place can hurt your bottom line by preventing you from taking on certain kinds of work.

As an industry leader, we understand the importance of properly introducing clear security management policies in situations where multiple users within an organisation have access to sensitive data.

Thanks to this experience, we can ensure that your management of and access to client data complies with the relevant industry and statutory requirements.

Compliance Services We Offer:

Compliance Audits

  • Headed up by our highly experienced Lead Quality Auditor, our dedicated team of Internal Quality Auditors are available to conduct rigorous internal audits.
  • Backed by years of hands-on industry experience, these audits assess whether or not your IT systems and data management comply with the relevant standards, regulation and guidance.

Data Storage

  • If your organisation is required to archive its data indefinitely, we can arrange for it to be stored securely on encrypted tapes in a professional storage facility.

 

Our Process

To ensure that your IT systems meet the necessary requirements, we follow a rigorous 2-stage auditing process:

Stage 1

This is a preliminary, informal review of your Information Security Management Systems.

This includes checking the existence and completeness of key documentation such as:

  • Your organization's information security policy 
  • Your Statement of Applicability (SoA) and 
  • Your Risk Treatment Plan (RTP). 

This stage serves to familiarize the auditors with your organization. It also allows you to get to know us and become comfortable with us and the process as a whole.

Stage 2

This is a more detailed and formal compliance audit that independently tests your ISMS against the requirements specified in ISO/IEC 27001.

The auditors will seek evidence to confirm that your management system has been properly designed and implemented, and is in fact in operation (for example by confirming that a security committee or similar management body meets regularly to oversee the ISMS). 

Certification audits are usually conducted by ISO/IEC 27001 Lead Auditors. Passing this stage results in the ISMS being certified compliant with ISO/IEC 27001.